Potentially dangerous Request. Form value avoidance method

2020-08-22 21:57:33
OfStack

Personal feeling in.net framework 4.0

The best solution to the problem of "potentially dangerous Request.Form values" is

Add in system.web < httpRuntime requestValidationMode="2.0"/ > This sentence

Because validation 4.0 is enabled before HTTP's BeginRequest

 
<system.web> 
<httpRuntime requestValidationMode="2.0" /> 
</system.web>

ASP.NET. Request.Form
ASP. NET Method for obtaining Form form value in MVC controller
Analysis of the difference between Request.QueryString and Request.Param in asp.net
Implement Form form field values in ASP.NET to automatically populate the operation model
Implementation of converting form form elements into entity objects or collections in ASP.NET